Delivery-Date: Wed, 31 Dec 2014 23:02:09 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY,
	URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 87A4C1E09FC
	for <archiver@seul.org>; Wed, 31 Dec 2014 23:02:07 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 688E232AA1;
	Thu,  1 Jan 2015 04:02:04 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 0E88F32AA7
 for <tor-talk@lists.torproject.org>; Thu,  1 Jan 2015 04:02:01 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id c50AqcptGkID for <tor-talk@lists.torproject.org>;
 Thu,  1 Jan 2015 04:02:00 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id CDB8732A2C
 for <tor-talk@lists.torproject.org>; Thu,  1 Jan 2015 04:02:00 +0000 (UTC)
Received: from berryeater.riseup.net (berryeater-pn.riseup.net [10.0.1.120])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id 2A895414F4
 for <tor-talk@lists.torproject.org>; Thu,  1 Jan 2015 04:01:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1420084918; bh=bI6McowE/sFINtFhisFjzwQ3CDd6pD9RaApNwEpJuRc=;
 h=Date:From:To:Subject:References:In-Reply-To:From;
 b=JEWHmij7zrz2jLx2J/qijVXlgX0CemFcN3enLMHCttd/FMs8UpESCSjxCI+RE99Na
 YmPwjU+6jzrpFNbKHZd5Z2CmU3jsCOqnHjPgWPFaSyT3knyFdu4sWuNd30ZUaQv0gu
 nrr6OHD2Lq8Jal6S5QwzrGa1GdyyW5/Hx1EpgZSc=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: colinmahns) with ESMTPSA id 6F723420A2
Message-ID: <54A4C6BF.3040207@riseup.net>
Date: Thu, 01 Jan 2015 04:02:07 +0000
From: Colin Mahns <colinmahns@riseup.net>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <54A4A69B.4020803@riseup.net>
 <20150101132852.73822cef@localhost.localdomain>
In-Reply-To: <20150101132852.73822cef@localhost.localdomain>
X-Virus-Scanned: clamav-milter 0.98.5 at mx1
X-Virus-Status: Clean
Subject: Re: [tor-talk] Giving Hidden Services some love
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============6643417844198993324=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============6643417844198993324==
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="x4m0Vs18Ij7PQU3WSw4ncvrtuT5euD1P5"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--x4m0Vs18Ij7PQU3WSw4ncvrtuT5euD1P5
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

> This could be combined with a change to HTTPS Everywhere to prefer HS
> sites over clear web sites, just as it prefers HTTPS over HTTP. (I
> think this has been mentioned before?)

You mean like what we've been doing over on
https://github.com/chris-barr/darkweb-everywhere? :)

The above tool (granted I have a *very* clear bias) is why I am not a
fan of the "make a hidden service be a reverse proxy to another
website". I'm not comfortable with transferring expected ownership of a
website for a number of reasons, which is is why we try to vet every
site included.

I'm very big on asking websites, especially those that are censored, to
run a hidden service as a way to protect their users and as a way to
make them more censor resistant. I think the lack of interest has
started to go away now that Blockchain and Facebook have implemented
one, since I haven't been getting the usial "Well we don't block Tor..."
response. Maybe we can get a big news organization to run one for a
proof of concept?

Colin

Katya Titov:
> Thomas White:
>> As per Nick's post, I fully agree that hidden services do need some
>> work, but I imagine the vast majority of people on this list are not
>> skilled in the languages and areas required to do any kind of
>> technical reform to them. However, technical reform of them is only
>> one aspect.
>>
>> I've been launching a few of my own hidden services recently with some=

>> useful things such as Tor project mirrors, as well as my own
>> client-side encrypted file host/sync which I've currently got in
>> private beta (email me privately if you want to give it a test drive).=

>> In order to make hidden services a bigger priority and to potentially
>> attract more funding from sponsors to Tor Project, I think we as a
>> community need to make better use of them. They are end to end
>> encryption, thus have held up very well against nation state attackers=

>> like the NSA and GCHQ, and they do not require exits and that makes
>> use of the underutilised capacity of the non-exit relays in the
>> network.
>>
>> If anyone has any thoughts on what they would like to see as a hidden
>> service, I am all ears to suggestion. Whether you can build it or not
>> (so yeah, even if it is just an idea throw it at me) I'd love to know
>> what you want to see in hidden services.
>>
>> One of the primary ideas in the works right now for myself is a shared=

>> host environment which I and a few others are experimenting with ideas=

>> for, but the premise is each person would be assigned a small virtual
>> machine and they could host Wordpress blogs for example, or whatever
>> else that would make people more comfortable using hidden services.
>>
>> So to conclude - if you've got ideas, I'd love to hear them!
>=20
> Hi Thomas,
>=20
> It would be interesting to see big sites out there providing more
> resources within the Tor network, i.e. offering hidden services
> themselves. Maybe this could be an area of exploration: rather than
> hosting sites yourself, provide information, encouragement and advice
> to others to run their own HS. Maybe run a HS which is just a proxy
> into their clear web site, with their permission, as an initial step?
>=20
> This could be combined with a change to HTTPS Everywhere to prefer HS
> sites over clear web sites, just as it prefers HTTPS over HTTP. (I
> think this has been mentioned before?)
>=20
> This would lead towards an environment where there is less need to
> leave the Tor network itself. Many providers are completing the
> end-to-end model and also encrypting their internal links, the next
> logical step may be to operate within an environment which is outside
> the reach of state monitoring, or at least further from their grasp.
>=20
> (This could lead to further Balkanisation of the Internet, and could
> also lead to more direct competition between Tor and I2P ... but I'd
> wager that this won't increase the likelihood of Balkanisation, and
> competition should be good for both projects.)
>=20
> Slightly off-topic: if use of hidden services is going to expand then
> this may be an opportune time to ensure that they will continue to work=

> into the future, e.g. who is going to own the .onion TLD? Should the
> Tor Project make a bid for it? Should HS change the way they are
> addressed? I don't know how the code works now, but I assume that there=

> is something which stops DNS lookups of .onion domains and just
> redirects them toward a HS lookup. What happens when the Oxnard Chamber=

> of Commerce claims that TLD?
>=20


--x4m0Vs18Ij7PQU3WSw4ncvrtuT5euD1P5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJUpMbLAAoJEO5AyXwfVvMgPcAP/0zjcNUkxWbR8MbT6ONVFrPa
VgDKBx0MxDjc2tQW4li/Rn2lx8cWBGxBGZUqyLpu4T5tQKvWWOIbMKum1ac4xNPD
DaHBbnrDd0hgMfnasoqQWMlu79xot0Wk0ogJiMK9cg3Z1+I0dvNsO2ZowclHe4M9
vD8o3HiCXtyvoVsg6ah+krIEsu8pGogCKABdZxdDyWLhxsEJMBp4MvdOhoQfZgfS
GErqE9B8W1+bx8T+mQjoxN94D9sNozpbbpG4dJpkzxzyRTdJJ5TmuN2YfaAo0Uaw
4dh3vJw3BsXIG+zNlvILubTbOoDKfDxlAlrvI/bhcqX+l2vSeibz/Kc1pwlSOETW
sVtNbf/jU3X/lbj7v/3Dk9lCTiWGq1I7Kbi0d7NXMkKfca8GD2IshiR6hxIq150w
UDEO88mcYmhOa0r9Z+Fl5FUHzmU+eBU74ccHJ5r7C1EDbYnUyxW3E5uB9awCaFDM
pShlgQNTZEQrCiUKCtsB7BO3j/lixlbAPnooWOu5dSyMIs9w0oXvusW64clkpwiL
CachsuUOPMVya+8XWJChxG9y/o1E9wgebsIRM5x0QNTi0vcXp+Kw3DfHce5FUwJk
x05QwKh6jC5iSsGKpXiWjCsiQUQjUtRIIS7v5Rv5SesfXI+qUtTWVcMEW+jWQlMG
9x3cbUggkjh32w3El92N
=rnZ2
-----END PGP SIGNATURE-----

--x4m0Vs18Ij7PQU3WSw4ncvrtuT5euD1P5--

--===============6643417844198993324==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============6643417844198993324==--

